[walnutclosefarm]

I agree that de-identification is imperfect, and re-identification is a risk (re-identification is, however, illegal in several states). However, the notion that there is big business in re-identifying medical records to target individuals is largely a myth, because there isn't a great market for individual-level information. Life insurance companies can't use it - they are required to get information they use for underwriting from the applicant, or with the applicant's permission. Companies who market medical products generally won't or can't use it (for one thing, it's typically not very timely - by the time your diagnosis appears in a re-identified data set, the time to get your attention is pretty well past for most conditions).

The companies that came seeking medical records (I was until recently Chief Technology Officer for a clinic/hospital system with 10M active patient records) were satisfied with de-identified data, because they were looking for insights to develop new, or re-purpose existing, therapies and technologies, or to create marketing strategies for their tech. They had no need or desire to know who a particular patient was, because they were looking for broader insights.